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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 10 April 2007 . 
2a)K This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-14 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-14 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office. action for a list of the certified copies not received. 



Attachment(s) 

1) □ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 
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DETAILED ACTION 

1 . Claims 1-14 are presented for examination. 

Response to Arguments 

2. Applicant's arguments filed 04/1 0/07 have been fully considered but they 
are not persuasive because of the following reasons: 

3. Applicant argues that Win does not teach or suggest determining an 
attribute based, in part, on a capability of the network device. In response to applicant's 
argument, the examiner submits that Win does teach or suggest the feature of 
determining an attribute based, in part, on a capability of the network device as shown 
in abstract, figure 1, col. 6, lines 58-65, col. 11, line 42-col. 12, line 8, col. 24, lines 24- 
55. 

4. Applicant argues that Win does not teach or suggest the feature of 
authorizing a network device. In response to applicant's argument that the references 
fail to show certain features of applicant's invention, it is noted that the features upon 
which applicant relies (i.e., authorizing a network device) are not recited in the rejected 
claim(s). Although the claims are interpreted in light of the specification, limitations from 
the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 181, 26 
USPQ2d 1057 (Fed. Cir. 1993). 

5. Applicant argues that Win does not teach or suggest the feature of 
generating an attribute certificate, wherein the attribute certificate is based on a 
capability of another network device. In response to applicant's argument, the examiner 
submits that Win does teach or suggest generating an attribute certificate, wherein the 
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attribute certificate is based on a capability of another network device as shown in 
abstract, figure 1, col. 6, lines 58-65, col. 11, line 42-col. 12, line 8, col. 24, lines 24-55. 

6. As a result, cited prior art does disclose a system and method for 
authorizing a network device, as broadly claimed by the Applicants. Applicants clearly 
have still failed to identify specific claim limitations that would define a clearly patentable 
distinction over prior art. 

7. Therefore, the examiner asserts that cited prior art teaches or suggests 
the subject matter broadly recited in independent claims 1, 9 and 14. Claims 2-8, and 
10-13 are also rejected at least by virtue of their dependency on independent claims 
and by other reasons set forth in the previous office action [mailed date 01/04/07]. 
Accordingly, claims 1-14 are rejected. 

Claim Rejections - 35 USC § 102 

8. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 

§ 102 that form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 



The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
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Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AlPA 35 U.S.C. 102(e)). 

9. Claims 1-14 are rejected under 35 U.S.C. § 102(e) as being anticipated by 
Win etal. (hereinafter Win) U.S. Patent No. 6,453,353. 

10. As to claim 1, Win teaches a method for authorizing a network device, 
comprising: determining an attribute based, in part, on a capability of the network device 
(abstract, figure 1, col. 6, lines 58-65, col. 11, line 42-col. 12, line 8); generating an 
attribute certificate based, in part, on the attribute (col. 7, line 34-col. 8, line 46, col. 10, 
line 34-col. .11, line 9); storing the attribute certificate including the attribute (col. 6, line 
20-65, col. 10, lines 14-67); and if the attribute certificate is valid, authorizing access to 
a resource over a network based, in part, on the attribute associated with the attribute 
certificate (col. 9, line 14-col. 10, line 67, col.11, line 43-col. 12, line 8). 

11. As to claim 2, Win teaches attribute is further determined based, in part, 
on an automated security scan of the network device (abstract, col. 5, line 55-col. 6, line 
10, col. 10, lines 34-67). 

12. As to claim 3, Win teaches wherein the attribute is further determined 
based, in part, on a condition to be satisfied (figure 3, col. 8, lines 5-63). 
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13. As to claim 4, Win teaches wherein the attribute is further associated with 
a group of network devices (col. 13, lines 35-67). 

14. As to claim 5, Win teaches wherein the attribute is further associated with 
a group of users (col. 13, lines 35-67). 

1 5. As to claim 6, Win teaches, wherein the attribute certificate is generated 
by at least one of the network device, an access server, and an attribute authority 
(figure 1). 

16. As to claim 7, Win teaches wherein the attribute certificate is stored in at 
least one of the network device, and an attribute repository (figure 1). 

17. As to claim 8, Win teaches wherein the attribute certificate is provided to 
an access server through the use of at least one of a cookie, a program, and a manual 
upload (col. 10, line 41 -col. 12, lines 8). 

18. As to claim 9, Win teaches a network device for managing authorization to 
a resource over a network, comprising: a first component configured to generate an 
attribute certificate, wherein the attribute certificate is based, in part, on a capability of 
another network device (abstract, figure 1, col. 6, lines 58-65, col. 11, line42-col. 12, 
line 8); a second component, coupled to the first component, configured to store the 



Application/Control Number: 10/823,378 Page 6 

Art Unit: 2155 

attribute certificate (col. 7, line 34-col. 8, line 46, col. 10, line 34-col. 11, line 9); and a 
third component, coupled to the second component, configured to authorize the other 
network device to the resource over the network based, in part, on the attribute of the 
other network device associated with the attribute certificate (col. 9, line 14-col. 10, line 
67, col.11, line43-col. 12, line 8). 

1 9. As to claim 1 0, Win teaches wherein the first component is further 
configured to generate the attribute certificate based on a condition to be satisfied 
(figure 3, col. 8, lines 5-63). 

20. As to claim 1 1 , Win teaches further comprising a fourth component that is 
configured to perform an automated security scan of the other network device (abstract, 
col. 5, line 55-col. 6, line 10, col. 10, lines 34-67). 

21 . As to claim 12, Win teaches wherein the first component is further 
configured to generate the attribute certificate based on the automated security scan of 
the other network device (abstract, col. 5, line 55-col. 6, line 10, col. 10, lines 34-67). 

22. As to claim 13, Win teaches wherein the second component is further 
configured to send the attribute certificate to the other network device to be stored, and 
the third component it further configured to receive the attribute certificate (figure 1). 
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23. As to claim 14, Win teaches a network device for managing authorization 
to a resource over a network, comprising: a means for generating an attribute 
certificate, wherein the attribute certificate is based on a capability of another network 
device (abstract, figure 1, col. 6, lines 58-65, col. 11, line 42-col. 12, line 8); a means for 
storing the attribute certificate (col. 7, line 34-col. 8, line 46, col. 10, line 34-col. 11, line 
9); and a means for authorizing the other network device to the resource over the 
network based, in part, on the attribute of the other network device associated with the 
attribute certificate (col. 9, line 14-col. 10, line 67, ool.11, line 43-col. 12, line 8). 

Conclusion 

24. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

25. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Thu Ha Nguyen, whose telephone number is (571) 
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272-3989. The examiner can normally be reached Monday through Friday from 8:30 
AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Najjar Saleh, can be reached at (571) 272-4006. 

The fax phone numbers for the organization where this application or proceeding 
is assigned are (571) 273-8300 for regular communications. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov . Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




THU HA NGUYbo. 
RIMARY EXAMINER 



July 2, 2007 



